Chief Information Security Officer

Company: HireRight
Location: Nashville
Posted on: March 12, 2025

Job Description:

About HireRightHireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide.OverviewThe Chief Information Security Officer (CISO) at HireRight is responsible for developing and leading the company's enterprise-wide cybersecurity strategy, ensuring the protection of customer and company data, regulatory compliance, and cyber risk management in a highly regulated industry.Reporting to the Chief Strategy & Transformation Officer (CSTO), the CISO plays a pivotal role in aligning security initiatives with strategic business objectives, working cross-functionally with technology, legal, compliance, and operations teams to maintain trust with clients, regulators, and stakeholders.This role requires an experienced security leader with a deep understanding of cybersecurity, risk management frameworks, cloud security, and regulatory compliance within industries such as financial services, background screening, healthcare, or government contracting.ResponsibilitiesStrategic Leadership & Governance

• Develop and execute a comprehensive cybersecurity strategy that aligns with HireRight's business, regulatory, and risk management priorities.
• Establish and oversee security governance policies, standards, and frameworks to ensure compliance with SOC 2, ISO 27001, GDPR, CCPA, FCRA, and other industry regulations.
• Act as the primary security advisor to the CSTO, executive team, and Board of Directors, providing insights on cyber threats, emerging risks, and mitigation strategies.
• Lead enterprise security risk assessments, presenting findings and business impact assessments to executive leadership.Regulatory Compliance & Risk Management
  • Ensure adherence to global regulatory and industry security requirements, working closely with legal, compliance, technology, and audit teams.
  • Oversee risk management programs, ensuring proactive identification, assessment, and mitigation of cybersecurity risks.
  • Lead third-party/vendor security risk assessments, ensuring suppliers and partners meet HireRight's security and compliance standards.
  • Develop and implement cybersecurity policies and controls to meet the needs of highly regulated industries.Security Operations & Incident Response
    • Lead the Security Operations Center (SOC) and Threat Intelligence teams to proactively detect and respond to cybersecurity threats.
    • Oversee the Incident Response program, ensuring rapid containment and remediation of security breaches.
    • Develop and maintain business continuity and disaster recovery plans, ensuring operational resilience against cyber threats.
    • Establish security monitoring and forensics capabilities, leveraging advanced threat detection technologies.Data Protection, Identity & Cloud Security
      • Lead identity and access management (IAM) strategies to enforce secure access controls and zero-trust security models.
      • Oversee data protection, encryption, and privacy initiatives to safeguard sensitive customer and corporate data.
      • Implement cloud security best practices, ensuring the secure deployment and management of AWS, Azure, GCP, and SaaS-based environments.
      • Embed secure software development lifecycle (SDLC) practices, collaborating with engineering and IT teams.Technology & Cybersecurity Innovation
        • Evaluate and implement cutting-edge security technologies, including AI-driven threat detection, automation, and next-gen endpoint protection.
        • Lead the cybersecurity strategy for digital transformation initiatives, ensuring security is embedded into emerging technologies and business processes.
        • Drive the adoption of Zero Trust Architecture, secure DevOps (DevSecOps), and advanced security automation frameworks.Team Leadership & Security Culture
          • Build and lead a high-performing cybersecurity team, fostering a culture of excellence, collaboration, and continuous improvement.
          • Develop and implement company-wide security awareness training to mitigate human risk factors.
          • Advocate for a "security-first" culture, embedding cybersecurity best practices across all business functions.Qualifications
            • 15+ years of leadership experience in cybersecurity, risk management, or information security leadership, preferably in a highly regulated industry (e.g., financial services, background screening, healthcare, or government contracting).
            • Proven track record of leading enterprise cybersecurity programs in global organizations with complex regulatory environments.
            • Deep expertise in cyber risk management frameworks (NIST, CIS, ISO 27001, SOC 2, GDPR, CCPA, FCRA, etc.).
            • Strong knowledge of cloud security (AWS, Azure, GCP, SaaS) and modern cybersecurity architectures.
            • Experience leading security compliance audits and regulatory engagements.
            • Hands-on leadership of incident response and crisis management at the executive level.
            • Strong ability to translate complex security risks into business impact and strategic recommendations.
            • Excellent leadership, communication, and stakeholder management skills.
            • Relevant certifications (CISSP, CISM, CISA, CRISC, CCSP) are a plus.What do we offerIn exchange for your expertise, HireRight offers an excellent employee benefit package which includes:
              • Medical
              • Dental
              • Vision
              • Paid Life/AD&D Insurance
              • Voluntary Life Insurance
              • Short & Long Term Disability
              • Flexible Spending Accounts
              • 401K
              • Generous Paid Time Off Program
              • 10 Paid Holidays
              • Education Assistance Program
              • Business Casual Attire
              • Generous Referral Program
              • Employee Discounts and Rewards
              • And much more!*All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.HireRight, LLC is an Equal Opportunity EmployerMinorities / Females / Veterans / Disabilities
                #J-18808-Ljbffr

Keywords: HireRight, Nashville , Chief Information Security Officer, Executive , Nashville, Tennessee